VDB

CNVD-2023-72201

CNVD-2023-72201 PUBLISHED CVSS 8.800000190734863 HIGH

Microsoft SharePoint Server是美国微软(Microsoft)公司的一套企业业务协作平台。该平台用于对业务信息进行整合,并能够共享工作、与他人协同工作、组织项目和工作组、搜索人员和信息。 Microsoft SharePoint Server存在权限提升漏洞,攻击者可利用此漏洞在系统上获得提升的权限。

Risk Scores

CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

VendorProductVersions
MicrosoftMicrosoft SharePoint Enterprise Server 2013 Service Pack 115.0.0
MicrosoftMicrosoft SharePoint Foundation 2013 Service Pack 115.0.0
MicrosoftMicrosoft SharePoint Enterprise Server 201616.0.0
microsoftsharepoint_server16.0.0, 15.0.0, 16.0.0
MicrosoftMicrosoft SharePoint Server Subscription Edition16.0.0
MicrosoftMicrosoft SharePoint Server 201916.0.0
microsoftsharepoint_foundation15.0.0

Timeline

  • Feb 17, 2023 CVE ID Reserved
  • Mar 7, 2023 PoC Published
  • Sep 27, 2023 CVE Published
  • Mar 1, 2024 PoC Published
  • Jul 14, 2024 PoC Published
  • Feb 25, 2025 PoC Published
  • Sep 30, 2025 PoC Published
  • Apr 20, 2026 Security Advisory

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›